package com.atlassian.oai.validator.interaction.request;

import com.atlassian.oai.validator.model.ApiOperation;
import com.atlassian.oai.validator.model.Headers;
import com.atlassian.oai.validator.model.Request;
import com.atlassian.oai.validator.report.MessageResolver;
import com.atlassian.oai.validator.report.ValidationReport;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.security.SecurityScheme;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.TreeSet;
import javax.annotation.Nonnull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/oai/validator/interaction/request/SecurityValidator.class */
class SecurityValidator {
    private static final Logger log = LoggerFactory.getLogger(SecurityValidator.class);
    private static final String MISSING_SECURITY_PARAMETER_KEY = "validation.request.security.missing";
    private static final String INVALID_SECURITY_PARAMETER_KEY = "validation.request.security.invalid";
    private final MessageResolver messages;
    private final OpenAPI api;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.atlassian.oai.validator.interaction.request.SecurityValidator$1, reason: invalid class name */
    /* loaded from: input_file:com/atlassian/oai/validator/interaction/request/SecurityValidator$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$io$swagger$v3$oas$models$security$SecurityScheme$In;
        static final /* synthetic */ int[] $SwitchMap$io$swagger$v3$oas$models$security$SecurityScheme$Type = new int[SecurityScheme.Type.values().length];

        static {
            try {
                $SwitchMap$io$swagger$v3$oas$models$security$SecurityScheme$Type[SecurityScheme.Type.APIKEY.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$io$swagger$v3$oas$models$security$SecurityScheme$Type[SecurityScheme.Type.HTTP.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            $SwitchMap$io$swagger$v3$oas$models$security$SecurityScheme$In = new int[SecurityScheme.In.values().length];
            try {
                $SwitchMap$io$swagger$v3$oas$models$security$SecurityScheme$In[SecurityScheme.In.HEADER.ordinal()] = 1;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$io$swagger$v3$oas$models$security$SecurityScheme$In[SecurityScheme.In.QUERY.ordinal()] = 2;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecurityValidator(MessageResolver messageResolver, OpenAPI openAPI) {
        this.messages = messageResolver;
        this.api = openAPI;
    }

    @Nonnull
    public ValidationReport validateSecurity(Request request, ApiOperation apiOperation) {
        List security = apiOperation.getOperation().getSecurity();
        if (null == security || security.isEmpty()) {
            return ValidationReport.empty();
        }
        boolean z = false;
        ValidationReport empty = ValidationReport.empty();
        for (Map.Entry entry : this.api.getComponents().getSecuritySchemes().entrySet()) {
            HashMap hashMap = new HashMap();
            security.stream().filter(securityRequirement -> {
                return securityRequirement.containsKey(entry.getKey());
            }).forEach(securityRequirement2 -> {
            });
            if (!hashMap.isEmpty()) {
                TreeSet treeSet = new TreeSet();
                ValidationReport validationReport = (ValidationReport) hashMap.entrySet().stream().map(entry2 -> {
                    ValidationReport validateSingleSecurityParameter = validateSingleSecurityParameter(request, (SecurityScheme) entry2.getValue());
                    if (validateSingleSecurityParameter.getMessages().stream().filter(message -> {
                        return MISSING_SECURITY_PARAMETER_KEY.equals(message.getKey());
                    }).count() > 0) {
                        treeSet.add(entry2.getKey());
                    }
                    return validateSingleSecurityParameter;
                }).reduce(ValidationReport.empty(), (v0, v1) -> {
                    return v0.merge(v1);
                });
                if (treeSet.isEmpty()) {
                    z = true;
                    empty = empty.merge(validationReport);
                } else {
                    log.debug("Security definition not found for {}", entry.getKey());
                }
            }
        }
        return !z ? ValidationReport.singleton(this.messages.get(MISSING_SECURITY_PARAMETER_KEY, request.getMethod(), request.getPath())) : empty;
    }

    @Nonnull
    private ValidationReport validateSingleSecurityParameter(Request request, SecurityScheme securityScheme) {
        switch (AnonymousClass1.$SwitchMap$io$swagger$v3$oas$models$security$SecurityScheme$Type[securityScheme.getType().ordinal()]) {
            case 1:
                switch (AnonymousClass1.$SwitchMap$io$swagger$v3$oas$models$security$SecurityScheme$In[securityScheme.getIn().ordinal()]) {
                    case 1:
                        return checkApiKeyAuthorizationByHeader(request, securityScheme);
                    case 2:
                        return checkApiKeyAuthorizationByQueryParameter(request, securityScheme);
                    default:
                        return ValidationReport.empty();
                }
            case 2:
                return checkBasicAuthorization(request, securityScheme);
            default:
                return ValidationReport.empty();
        }
    }

    @Nonnull
    private ValidationReport checkBasicAuthorization(Request request, SecurityScheme securityScheme) {
        return !request.getHeaderValue(Headers.AUTHORIZATION).isPresent() ? ValidationReport.singleton(this.messages.get(MISSING_SECURITY_PARAMETER_KEY, request.getMethod(), request.getPath())) : !request.getHeaderValue(Headers.AUTHORIZATION).get().startsWith("Basic ") ? ValidationReport.singleton(this.messages.get(INVALID_SECURITY_PARAMETER_KEY, request.getMethod(), request.getPath())) : ValidationReport.empty();
    }

    @Nonnull
    private ValidationReport checkApiKeyAuthorizationByQueryParameter(Request request, SecurityScheme securityScheme) {
        return !request.getQueryParameterValues(securityScheme.getName()).stream().findFirst().isPresent() ? ValidationReport.singleton(this.messages.get(MISSING_SECURITY_PARAMETER_KEY, request.getMethod(), request.getPath())) : ValidationReport.empty();
    }

    @Nonnull
    private ValidationReport checkApiKeyAuthorizationByHeader(Request request, SecurityScheme securityScheme) {
        return !request.getHeaderValue(securityScheme.getName()).isPresent() ? ValidationReport.singleton(this.messages.get(MISSING_SECURITY_PARAMETER_KEY, request.getMethod(), request.getPath())) : ValidationReport.empty();
    }
}
